Request for comments on Nginx configuration
mandela
nginx-forum at forum.nginx.org
Thu May 27 18:55:03 UTC 2021
Hello all. I would like to have comments from the Nginx community on the
following configuration:
worker_processes auto;
error_log /var/www/log/nginx.log;
events {
multi_accept on;
worker_connections 16384;
}
http {
include nginx.deny;
include mime.types;
default_type application/octet-stream;
aio on;
sendfile on;
tcp_nopush on;
gzip on;
gzip_comp_level 6;
gzip_min_length 1024;
gzip_types
application/javascript
application/json
application/xml
image/svg+xml
image/x-icon
text/plain
text/css
text/xml
;
lua_shared_dict dict 16k;
log_format main $time_iso8601
' srs="$status"'
' srt="$request_time"'
' crl="$request"'
' crh="$host"'
' cad="$remote_addr"'
' ssp="$server_port"'
' scs="$upstream_cache_status"'
' sua="$upstream_addr"'
' suc="$upstream_connect_time"'
' sut="$upstream_response_time"'
' sgz="$gzip_ratio"'
' sbs="$body_bytes_sent"'
' cau="$remote_user"'
' ccr="$connection_requests"'
' ccp="$pipe"'
' crs="$scheme"'
' crm="$request_method"'
' cru="$request_uri"'
' crp="$server_protocol"'
' chh="$http_host"'
' cha="$http_user_agent"'
' chr="$http_referer"'
' chf="$http_x_forwarded_for"'
;
server_tokens off;
reset_timedout_connection on;
access_log /var/www/log/access.log main;
fastcgi_cache main;
fastcgi_cache_key $host:$server_port$uri;
fastcgi_cache_methods GET HEAD;
fastcgi_ignore_headers Cache-Control Expires;
fastcgi_cache_path /tmp/nginx
levels=2:2
keys_zone=main:4m
inactive=24h
;
ssl_certificate /etc/ssl/server.pem;
ssl_certificate_key /etc/ssl/server.key;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:4m;
ssl_session_timeout 15m;
upstream upstream {
server unix:/tmp/php-fpm.sock;
server 127.0.0.1:9000;
server [::1]:9000;
}
map $http_origin $_origin {
default *;
'' '';
}
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
include nginx.filter;
location / {
set $_v1 '';
set $_v2 '';
set $_v3 '';
rewrite_by_lua_block {
local dict = ngx.shared.dict
local host = ngx.var.host
local data = dict:get(host)
if data == nil then
local labels = {}
for s in host:gmatch('[^.]+') do
table.insert(labels, 1, s)
end
data = labels[1] or ''
local index = 2
while index <= #labels and #data < 7 do
data = data .. '/' .. labels[index]
index = index + 1
end
local f = '/usr/home/www/src/' .. data .. '/app.php'
local _, _, code = os.rename(f, f)
if code == 2 then
return ngx.exit(404)
end
if labels[index] == 'cdn' then
data = data .. '|/tmp/www/cdn/' .. data
else
data = data .. '|/var/www/pub/'
.. table.concat(labels, '/') .. '/-'
end
data = data .. '|' .. f
dict:add(host, data)
ngx.log(ngx.ERR, 'dict:add('..host..','..data..')')
end
local i = 1
for s in data:gmatch('[^|]+') do
ngx.var["_v" .. i] = s
i = i + 1
end
}
alias /;
try_files
$_v2$uri
/var/www/pub/$_v1/!$uri
/var/www/pub/!$uri
@;
add_header Access-Control-Allow-Origin $_origin;
expires 28d;
}
location dir: {
alias /;
index :none;
autoindex on;
}
location file: {
alias /;
}
location @ {
fastcgi_param DOCUMENT_ROOT $_v2;
fastcgi_param SCRIPT_FILENAME $_v3;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $host;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_pass upstream;
}
}
}
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,291674,291674#msg-291674
More information about the nginx
mailing list